-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 03 Aug 2021 07:50:50 +0200 Source: linux-signed-amd64 Architecture: source Version: 5.10.46+4 Distribution: sid Urgency: medium Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Changes: linux-signed-amd64 (5.10.46+4) unstable; urgency=medium . * Sign kernel from linux 5.10.46-4 . * bpf: Introduce BPF nospec instruction for mitigating Spectre v4 (CVE-2021-34556, CVE-2021-35477) * bpf: Fix leakage due to insufficient speculative store bypass mitigation (CVE-2021-34556, CVE-2021-35477) * bpf: Remove superfluous aux sanitation on subprog rejection * Ignore ABI changes for bpf_offload_dev_create and bpf_verifier_log_write * bpf: Add kconfig knob for disabling unpriv bpf by default * init: Enable BPF_UNPRIV_DEFAULT_OFF (Closes: #990411) * linux-image: Add NEWS entry documenting that unprivileged calls to bpf() are disabled by default in Debian. * bpf: verifier: Allocate idmap scratch in verifier env * bpf: Fix pointer arithmetic mask tightening under state pruning Checksums-Sha1: 39865276fccf6819e607b7176754d0ec277fe1f8 8487 linux-signed-amd64_5.10.46+4.dsc 36e93ceca4160349ef0813db1c34c4d36520d3a5 2668800 linux-signed-amd64_5.10.46+4.tar.xz Checksums-Sha256: a450323387a056847614b4bb1adaad736c127d40783df55c3a8733d7149671f9 8487 linux-signed-amd64_5.10.46+4.dsc e83af87167378fef06f53779b4bf7fe420560b92722915ca4eda3810237acc68 2668800 linux-signed-amd64_5.10.46+4.tar.xz Files: 4fa6d6d37b3e815d464e7420a3309ebf 8487 kernel optional linux-signed-amd64_5.10.46+4.dsc 9983e393bf4a0ee422c5735cfab38e44 2668800 kernel optional linux-signed-amd64_5.10.46+4.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEfKFfvHEI+gkU+E+di0FRiLdONzYFAmEJWn4ACgkQi0FRiLdO NzbIJQ/+IJKqGccJX4Jtv/oeHRg3bFwNVVvEGtpNGOBVUS5Ae4yRAWWdVo+UUIFU X/+wOEQncW+Fey4ce/0/OP3X27jRTSJlrLVIxwNiCXdhyB59XhqBTv5ufUOwGdF6 Ah9dUhrRIEd7XBV7xkSmVs7kK4zzWg62M0WzrOMjZ1X4pDhHsZMSY0OGXn0OC1wG VPfMkvfaXOS9pSRA9F8p3Ee+95PBnTirvE24USJcsdlH/nt/HSvBq/atzOPMLezD D26emrrYlyBOLXuutabEL3m4EEnlPNazzMn/sXbcwol2aRMcFaA35tqhMIo/isr/ 2F+l6l2fdDe0GEiwbfXs47KN8zSbfT6cwqTeMkhAZ6nLUp9qK71JysJLzvJpqxGF yb/YJnNKHfVhpIhc9dFj5c/A4vTHp9+pZ0MgS47H8Rx57HNj+n8U4RVYHqXbXwf2 pnBaiwJUIoFcGVrQpRSIBDxKp3jtFy0aigZtd/64m3vv9sViL9EUkBGtH7vIOfDA n0Cry4heig+wzLRshKUK4LkYkAhO9Opoc96JY1yMAxdk1tGNvPTP7Zoj0ReAHB35 5q/Uds7odgWx+8nBamttIxavGVFYvsUZdAfvREcU4/X6HeMB2IFoOvzpMAoMTw0D MU7NO5R25LS05bfWDOENak/qQv4ZMlhSJnyG5GWeKd72GliJIGQ= =L4N5 -----END PGP SIGNATURE-----